We hired you in the past to clean up our server for a virus and you did a great job. We are getting some requests from our Data Center Server provider that we have
a security problem - Here is some of their comments:
been "sending spam mail and recommend to hire a security expert has the website content (permissions/owner) and scripts needs a review. Thank you to take action shortly and block smtp traffic on the server until this is done."
Thank you to investigate (possible server misconfiguration, website
compromised, account/password compromised etc...), and fix the issue and
clean the server outbound mail queue.
Mail queue size : 444850
Spam Header :
Subject: Link/website Recommendation from Travis
Suspected domain : gomainst
Please investigate, fix the vulnerability, and clean the malicious content
or suspend involved accounts.
Common vulnerabilities include:
- files/folders permissions
- modified .htaccess files
- software updates (including wordpress, joomla, cpanel...)
- weak passwords (including FTP accounts)
- any other malicious files (backdoors in website content, or malicious
recently modified files)
- website/application vulnerability
The server may be compromised by other malicious content.
We recommend you to install Clamav and Maldet (LMD), and run the scans
Also investigate any recently modified files of the involved website, and
change the accounts passwords.